Hi Andreas, On Sat, 2009-01-17 at 16:18 +0100, Andreas Henriksson wrote: > Hello Jamal! > > On lör, 2009-01-17 at 09:41 -0500, jamal wrote: > > Debian Lenny has a small issue with iptables: > > > > 1) libxtables.so is missing > > My opinion: I think it should be put in package iptables instead of > > iptables-dev since tc will load it at runtime. > > Preferably, tc should use the versioned library instead that matches the > ABI it expects. (libxtables.so.0 is shipped in iptables) > > $ dpkg -L iptables | grep libxtables.so > /lib/libxtables.so.0.0.0 > /lib/libxtables.so.0 >
Hrm. What am i doing wrong? I dont have it on debian lenny: ------- dogo:~# cat /etc/debian_version 5.0 dogo:~# dpkg -L iptables | grep libxtables.so dogo:~# ------ > (IMHO it would also be nice if tc where link to xtables at build-time > instead of run-time...) Sorry, yes - thats the plan. link at compile time so when you do ldd on tc you see what libxtables its looking for. But load it at runtime i.e shared library. OTOH, it will know nothing about libxt_*.so until runtime (but looking at libxtables - it seems i dont have to worry about it loading the wrong version of libxt_*.so) > > 2) The headers like xtables.h etc which are part of iptables 1.4.2 > > should be included (maybe as part of iptables-dev). > > xtables.h is already part of iptables-dev. > > $ dpkg -L iptables-dev | grep xtables.h > /usr/include/xtables.h > Ok, that i have. I did not have iptables-dev before. > > 3) The iptables shipped claims to be 1.4.1 - in which case i would > > I have iptables 1.4.2 (running debian unstable) though, so maybe my > above statements aren't necessarily true for lenny.... > I see - so is there a trick where i can upgrade mine maybe by setting something to point to in apt repository? Here's how mine looks like on this laptop. --------- deb http://gulus.usherbrooke.ca/debian/ lenny main contrib non-free deb-src http://gulus.usherbrooke.ca/debian/ lenny main contrib non-free deb http://security.debian.org/ lenny/updates main contrib non-free deb-src http://security.debian.org/ lenny/updates main contrib non-free deb http://www.debian-multimedia.org lenny main deb-src http://www.debian-multimedia.org lenny main deb http://www.debian-multimedia.org testing main deb http://www.debian-multimedia.org unstable main # deb http://apt.wicd.net lenny extras ---------- > > expect the libipt_*.so (eg libipt_MARK.so) to be fully there and so we > > wont need to make any changes to ipt. > > I beleive fixing libipt_*.so is a dead end... > Patrick McHardy gave some helpful hints about future visions: > | We've added a shared library to iptables so m_ipt doesn't have > | to reimplement things, which is pretty much guaranteed to break > | occasionally. It doesn't contain all the functionality thats > | needed yet, but it should be fairly easy to add. Most likely > | you just need to move the code around. > (From http://www.spinics.net/lists/netdev/msg85706.html ) > I am happy with libxtables direction (thanks again Jan) - it will reduce greatly (probably to zero) future breakages. The only challenge i see now is i wont be able to have both forward and backward compatibility with current version of ipt without some really ugly looking ifdefs. So my thinking is to have two versions going forward. One that uses only libxtables and another (current one) that works with previous versions of iptables. I will try to do compile time detection and pick one. No existing scripts will have to change. > > Sorry, I dont know how to navigate around debian development - maybe > > whoever is maintaining iptables on debian can make these changes (at > > See http://packages.debian.org/iptables for package information and > related links. I've added the iptables maintainer, Laurence J. Lane, to > the recipients of this mail. > >From your comments above i think i am the one who has a screwed up environment. If i can get my setup to be the same as yours i can work on a patch. cheers, jamal -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
